Published by Shanon Simmons. Modified over 9 years ago.
1
Social Engineering
Provide brief background about ourselves, i.e. what we are going to school for.
Ask students what they think social engineering is before progressing to the next slide. One of us will write their thoughts on the whiteboard.
2
Survey Results
3
What is Social Engineering?
“Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.” - Wikipedia
4
iCloud Hack Leads to Celebrity Phishing Attacks
Celebrity Victims
Link from fake tweet and Facebook post lures people to a fictional website.
Users are prompted to download software to view the video.
Malicious software is downloaded instead.
Targets Windows 7 and earlier versions
5
Information Gathering Techniques
Telephone calls to a target business or person
Dumpster diving
Phishing emails
Face to face conversations
Internet searches
Parking lots
GPS tracking
Getting a job at the target company
While we discuss internet searches, we will demonstrate the type of information that can be found by searching a person’s name.
6
How is Personal Information Stolen?
Source: Iconix
7
Types of Social Engineering
Phishing
Voice Phishing
Spear Phishing
Clone Phishing
8
More Types of Social Engineering
Pretexting
Shoulder surfing
Role playing
Piggybacking
9
Social Engineering Tools
Social Engineering Toolkit
Maltego
Super Phisher - 000webhost.com Web-console
Spoof Cards
10
How to Create a Fake Link
11
Influence Tactics
Social engineers often exploit the three fixed action patterns in order to manipulate a victim. Fixed action patterns include the following: Liking, Reciprocity, and Authority.
Learning the organization’s lingo, phone number spoofing, or mimicking an organization's hold music.
Using the word “because”
Show a portion of a social presentation (How to get out of a speeding using the liking fixed action pattern). Start at 4:30 and end at 6:12.
12
The Human Condition
Appeal to charm
Fear of loss
Willingness to trust
Appeal to authority
Eagerness to receive free stuff
Wanting to be helpful
Perceived low impact of information
13
Prevention Techniques
Just say no to giving out personal information.
Be scrupulous with security questions.
Do you get emails about password resets? Be careful. Contact the service provider to see if the email is legitimate.
You’ve probably heard this before, but here it is again: Never use the same password for multiple accounts!
We will copy the prevention techniques into a Word document to hand out to students.
14
More Prevention Techniques
Keep an eye on your account activity, i.e. social media accounts, bank accounts, etc.
Beware of emails coming from anyone, for any reason, that require you to click links.
Stop and think before you click on the link. You should research the legitimacy of the email.
Continue to educate yourself on the different social engineering techniques.
15
English-German Glossary
Password: s Passwort, s Kennwort
Password protection: r Passwortschutz
Permission: e Berechtigung (-en)
Root directory: s Wurzelverzeichnis
Save (v.): Speichern
Security leak: s Sicherheitsleck (-s)
Application(s) software: e Anwendung (-en)
Hacker: r Hacker (-), e Hackerin (-nen)
Information technology (IT): e Informatik
Update n.: e Aktualisierung (-en), e Änderung (-en)
Virus: s/r Virus (Viren)
Network n.: s Netzwerk
Trojan horse (virus): r Trojaner
Database: e Datei
Error message: e Fehlermeldung
*We are presenting to a German class.
16
Questions?? Fragen??
17
Sources http://german.about.com/library/blcomputE_T-Z.htm
18
Sources (continued)